Skip to content
This repository has been archived by the owner on Oct 20, 2020. It is now read-only.

[Snyk] Upgrade: react, react-dom #3

Merged
merged 2 commits into from
Mar 10, 2020

Conversation

snyk-bot
Copy link
Contributor

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on
react
from 16.0.0 to 16.12.0
52 versions ahead of your current version 4 months ago
on 2019-11-14
react-dom
from 16.0.0 to 16.12.0
55 versions ahead of your current version 4 months ago
on 2019-11-14

The recommended version fixes:

Severity Issue Exploit Maturity
Regular Expression Denial of Service (ReDoS)
npm:ua-parser-js:20180227
Proof of Concept
Cross-site Scripting (XSS)
npm:react-dom:20180802
No Known Exploit
Release notes
Package name: react from react GitHub release notes
Package name: react-dom from react-dom GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # (snyk:metadata:{"dependencies":[{"name":"react","from":"16.0.0","to":"16.12.0"},{"name":"react-dom","from":"16.0.0","to":"16.12.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/coderbyheart/project/a5aa72bb-b5d9-4dec-adc9-3238d3e5caa9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"a5aa72bb-b5d9-4dec-adc9-3238d3e5caa9","env":"prod","prType":"upgrade","vulns":["npm:ua-parser-js:20180227","npm:react-dom:20180802"],"issuesToFix":[{"issueId":"npm:ua-parser-js:20180227","severity":"medium","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"proof-of-concept"},{"issueId":"npm:react-dom:20180802","severity":"medium","title":"Cross-site Scripting (XSS)","exploitMaturity":"no-known-exploit"}],"upgrade":["npm:ua-parser-js:20180227","npm:react-dom:20180802"],"upgradeInfo":{"versionsDiff":52,"publishedDate":"2019-11-14T23:57:29.304Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false})

@coderbyheart coderbyheart merged commit f286004 into master Mar 10, 2020
@coderbyheart coderbyheart deleted the snyk-upgrade-68a668fd62b5d6db0cc5abc4fd477742 branch October 6, 2020 22:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants